Cybersecurity

Rivetz Intl., a newly formed subsidiary of Rivetz Corp., today announced the RvT cyber security token, created to combine trusted computing with blockchain technology that can offer comprehensive privacy protection. Rivetz believes the RvT token will enable multi-factor authentication across devices, to achieve provable security at the transaction and authentication level.

Furthermore, Rivetz believes the solution will enable peer-to-peer transactions to have provable cyber controls that become a permanent part of the blockchain record, providing cryptographic proof that the measured protections were in place before a transaction can execute. The Rivetz solution is built on technology that has already been delivered on over a billion devices containing ARM-compatible processors...

Druva, the leader in cloud data protection and information management, today announced the results of its Annual Ransomware Report. The report reveals ransomware as the great equalizer, a ubiquitous global threat affecting enterprises large and small and devices of all types. With over 800 companies participating, the report uncovered that over 80 percent of respondents reported ransomware attacks are on the rise and that half of businesses hit by ransomware were attacked multiple times. To combat the increase in these attacks, eight out of ten organizations turn to modern backup solutions as the most effective strategy to minimize costly downtime and crucial data loss.

Ransomware has quadrupled over the past year, reaching an estimated $1 billion in 2016 with 4,000 attacks occurring per day. As further proven by the recent, widespread attack known as WannaCry, protecting against ransomware is paramount for companies of all sizes and industries. With an increased technological sophistication among attackers, today's IT organizations are becoming more vigilant and proactive to mitigate data damage caused by attacks and fully prepare to swiftly and seamlessly recover from them.

The adoption of cloud computing has been on the up since as far back as 2008, when a survey conducted by the Pew Research Institute found that cloud services were used by nearly 69% of Americans. Since then, the industry has experienced hyper-growth and exceeded the already vast predictions of how big it would become.

IDC predicts that the cloud computing market in 2017 will be worth $107 billion and, according to Gartner, by 2020 a corporate ‘no-cloud’ policy will be as unusual as a ‘no-internet’ policy would be today. Indeed, it would be difficult to imagine an organisation in 2017 that did not use webmail, file sharing and storage, and data backup...

BeyondTrust, a leading cyber security company dedicated to preventing privilege misuse and stopping unauthorized access, announced support for the Microsoft Azure cloud platform, providing privileged access management (PAM) and vulnerability management (VM) solutions that can now be hosted in and manage Azure instances.

According to the 2016 Gartner Magic Quadrant for Public Cloud Storage Services Worldwide, 80 percent of cloud breaches through 2020 will occur due to customer misconfiguration, mismanaged credentials or insider theft. As the cloud ecosystem evolves it is increasingly critical to ensure visibility and security. However, many traditional security tools that are architected for on-premises environments and extended to the cloud present critical blind spots that put an organization at risk.

We have covered a number of security-related topics in past articles here at CloudCow, but that doesn't change the fact that security awareness is still very low, especially among business users. Recent ransomware attacks crippling the NHS in the UK and several banks in Spain have illustrated just how vulnerable these large companies are.

The outlook is grim for small businesses, despite the fact that they are targeted more frequently. Budget remains a big obstacle and real solutions are still not being implemented properly. Taking basic steps today can help save your business from future security issues. Here are the first steps to take for better information security.

Get a Vulnerability Assessment

The minimum you should do is get your systems checked. A network and application vulnerability assessment is a standard procedure that will help you identify risks and potential security problems. At the very least, you will know the kind of risks you're facing when you don't have proper security measures in place.

RapidFire Tools Inc. has bundled together a powerful new set of tools that, for the first time, allows MSPs to roll-out a high-value, automated and branded internal IT security service that can be offered to all of their clients. The new product, called Detector SDS (Service Delivery System), includes an unlimited-use license for its unique Detector™ cyber security alerting appliance, plus additional new tools that the MSP can use to define the level of service, dynamically build marketing materials to help sell the services they create, and built-in workflow automation to easily manage the cyber security alerts through a common interface. Everything in the system, including the unlimited-use Detector appliance license, is covered by a low monthly subscription.

The Detector SDS solution comes pre-configured with a set of three "white-labeled" cyber security service plans -- "Silver," "Gold" and "Platinum." MSPs can deliver these as-is, "out-of-the-box," or modify them to meet the needs of individual clients using the built-in, menu-driven "Service Plan Creator." The pre-configured services, as well as the customized ones, can all be renamed and branded by the MSP. Once the plans are created, the MSP can quickly and easily select one or more plans to present to a client or prospect, and the system will automatically generate a professionally-formatted and branded "Plan Matrix" sales sheet. The Plan Matrix has a column for each service plan, in addition to neatly organized check-boxes that allow the client to easily see the differences in the individual plan features and deliverables. In addition, the system can automatically generate a branded Service Catalog for each Plan Matrix, providing more details about each of the deliverables included with each different level of service.

AlienVault, the leading provider of Unified Security Management (USM) and crowdsourced threat intelligence, today announced the availability of USM Anywhere, the first all-in-one Software-as-a-Service (SaaS) security monitoring platform designed to centralize threat detection, incident response, and compliance management of cloud, hybrid cloud, and on-premises environments from a single cloud-based console.

Built natively in the cloud to monitor hybrid cloud environments, USM Anywhere is a comprehensive, unified solution that significantly simplifies security and reduces deployment time, so that companies of all sizes can go from installation to first insight within minutes. USM Anywhere also provides advanced automated response orchestration with external security tools and applications, making it easier for IT teams to respond quickly and efficiently to identified threats.

Simplifying Threat Detection and Response

ServiceNow, the enterprise cloud company, today announced integrations from leading cybersecurity companies into ServiceNow Security Operations solution. With ServiceNow customers can prioritize threats and use a structured response engine to resolve real security threats fast. Now security analysts can easily enrich threat information, map those threats to the underlying business service at risk, and easily collaborate with IT to automatically resolve them. This replaces the manual, slow and ineffective back-and-forth resolution process of the past.

While enterprises have invested heavily in protection and detection tools, security response is often left unaddressed. Determining whether an alert constitutes an actual threat can take hours. Security analysts use email, phone calls and spreadsheets to coordinate remediation with IT teams. These manual processes are error-prone and unwieldy, leading to lengthy breach containment times of 70 days on average, according to the Ponemon Institute.

ServiceNow Security Operations replaces the manual work patterns of the past with intelligent workflows of the future and just added several new automation integrations from leading security vendors. In as little as 20 seconds, Security Operations automatically enriches each security incident with threat intelligence, including information from potentially affected endpoints. This allows security analysts to spend less time on researching problems and to get to resolution faster. In addition, ServiceNow Security Operations eliminates the need for manual data collection by automatically generating a post-incident report for later analysis, reporting or audit.

Hackers have reportedly devised a new phishing method which seems to be tricking even the most experienced and tech savvy users into revealing their account details. The highly effective phishing campaign seems to be running on a sophisticated automation feature that pounces on newly compromised Gmail accounts to mount a secondary attack on users in the contact list.

Once hackers have taken over a Gmail account, they launch their secondary attack by sending out emails disguised under recently sent attachments and a relevant subject line. The email contains a thumbnail version of the attachment which, when clicked, opens up a convincing Gmail login box a trap that tricks users in revealing their Gmail account password...

The data centre is the castle. You can pull up the drawbridge, fill up the moat, or pull down the portcullis. But at some point, you have to let data in and out, and this opens up the opportunity for ransomware attacks. No longer is it a matter of pride and peer recognition in the hacker community for circumnavigating and exposing the security of an organisation because it is now a fully-fledged industry in its own right with the use of ransomware.

That cybersecurity company Herjavec Group estimates to top a $1 Billon in 2016. In the past, those under siege used to flood the moats, pull up the drawbridges and drop the portcullis to protect themselves but with the modern data centre organisations life blood is the movement of data in and out of the data centre...